[Previous] [Next] [Index]
[Thread]
Re: Java and trojans: any last words before Netscape 2.0 is out?
Thus wrote:
>Netscape Communications Corp. has announced the impending release of a
>beta version of Netscape 2.0 to include Java support.
>When last we discussed Java security on these lists (see e.g.
>http://java.sun.com/archives/hotjava-interest/0745.htm), the consensus
>seemed to be that the design of Java precluded viruses and the most
>heinous forms of security violations, but not an entire class of trojan
>horses which might carry out denial of service attacks, data leakage,
>misuse of the network while assuming the victim's identity, etc.
>Is there anything to add to this assessment? Are we walking knowingly
>into a significant decrease in the security of the average Internet
>site? Should security-minded sysadmins ban Java and Netscape 2.0 from
>their systems?
It seems reasonable to assume Netscape will produce a product with
security comperable in quality to that of their previous products.
Follow-Ups:
References: